VaultPress now performs security scans on core WordPress files

1 Comment

A new feature was enabled last week for premium VaultPress users: WordPress core file scanning. Since VaultPress knows which version of WordPress you’re running, as well as which files that version should include, VaultPress can monitor your files and let you know if something weird is going on (using MD5 checksum, a sort of digital fingerprint).

As Brian Colinger explains on the VaultPress blog:

On our initial scan of your site, we perform all three of these steps for each of the 750+ WordPress core files. This scan creates a baseline that we can compare against in future scans. If the MD5 checksum of a core file doesn’t match, we notify you through an alert in the security tab of your VaultPress dashboard. A variation in the checksum means that the file has been modified from the original version that came with your WordPress install.

If you weren’t the one who modified a file, it’s possible that your site has been hacked and malicious code injected. In that case, you can contact the VaultPress Safekeeper team from your dashboard and we’ll help you diagnose and correct the problem.

Colinger explains that future versions of the scanner will store a diff of file changes to show exactly what has been changed in each file. Malicious code detection will be in a future version as well.

Those interested in this security feature but not the $40/month price tag can check out the WP File Monitor and Exploit Scanner plugins, both free and both in the Plugin Directory.

One thought on “VaultPress now performs security scans on core WordPress files

  1. @Eric, while backup/monitoring is essential, it doesn’t have to be quite so expensive, and it shouldn’t be unique to WP sites. CodeGuard (www.codeguard.com) extends the malware monitoring, can handle non-WordPress sites too, and is cheaper. They’re still in closed beta, but you can get in with a free account (and likely a free trial Pro account) using “CGLongWPC” as the coupon code.

Comments are closed.